Resubmissions

24-10-2023 18:49

231024-xgcqbagg7t 10

24-10-2023 18:43

231024-xcw86agg5y 3

General

  • Target

    mtk.exe

  • Size

    4.1MB

  • Sample

    231024-xgcqbagg7t

  • MD5

    70c30480eb06b0183743d108788a2f2c

  • SHA1

    84e4960ed1fad36636dde2be095e4ef330ba80e8

  • SHA256

    732551a1d5097426140ce31fae1be56a76a8e4e1fe7f3f8f881541fb75f0df0a

  • SHA512

    88f1555af06d66b62709e8f34241f14e9fdbdc56ee1aa847923509e2794637cee751d7e67993339542d9730f6953d5f96a8dec3e0e0b7cd3961c31f5086422b9

  • SSDEEP

    49152:yJztu88Rw5yLMmRBOCWRgC4NqFgyMnQHhvwnKhTcF5UHsn3A1DNekUEmZT:tjFnkwssn3AN8E8T

Malware Config

Targets

    • Target

      mtk.exe

    • Size

      4.1MB

    • MD5

      70c30480eb06b0183743d108788a2f2c

    • SHA1

      84e4960ed1fad36636dde2be095e4ef330ba80e8

    • SHA256

      732551a1d5097426140ce31fae1be56a76a8e4e1fe7f3f8f881541fb75f0df0a

    • SHA512

      88f1555af06d66b62709e8f34241f14e9fdbdc56ee1aa847923509e2794637cee751d7e67993339542d9730f6953d5f96a8dec3e0e0b7cd3961c31f5086422b9

    • SSDEEP

      49152:yJztu88Rw5yLMmRBOCWRgC4NqFgyMnQHhvwnKhTcF5UHsn3A1DNekUEmZT:tjFnkwssn3AN8E8T

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other files with copies of itself in order to spread and cause damage.

    • StrongPity

      StrongPity is spyware developed by the PROMETHIUM APT group and used mainly in government-sponsored attacks.

    • StrongPity Spyware

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of UPX.

    • Winexe tool used by Sofacy APT in several incidents

MITRE ATT&CK Matrix

Tasks